Cryptanalysis of the 2013 PQCrypto Multivariate Signature Scheme 🔍
Explore Yasufumi Hashimoto's in-depth analysis of the security vulnerabilities in the multivariate signature scheme introduced at PQCrypto 2013, shedding light on potential cryptographic weaknesses.
Institute for Quantum Computing
390 views • Oct 23, 2014
About this video
Yasufumi Hashimoto of the University of Ryukyus presented a talk titled: Cryptanalysis of the multivariate signature scheme proposed in PQCrypto 2013 at the 2014 PQCrypto conference in October, 2014.
Abstract: In PQCrypto 2013, Yasuda, Takagi and Sakurai proposed a new signature scheme as one of multivariate public key cryptosystems (MPKCs). This scheme (called YTS) is based on the fact that there are two isometry classes of non-degenerate quadratic forms on a vector space with a prescribed dimension. The advantage of YTS is its efficiency . In fact, its signature generation is eight or nine times faster than Rainbow of similar size. For the security, it is known that the direct attack, the IP attack and the min-rank attack are applicable on YTS, and the running times are exponential time for the first and the second attacks and subexponential time for the third attack. In the present paper, we give a new attack on YTS using an approach similar to the diagonalization of a matrix. Our attack works in polynomial time and it actually recovers equivalent secret keys of YTS having 140-bits security against min-rank attack in several minutes.
PQCrypto
2014 Book: http://www.springer.com/computer/security+and+cryptology/book/978-3-319-11658-7
Workshop: https://pqcrypto2014.uwaterloo.ca/
Find out more about IQC!
Website - https://uwaterloo.ca/institute-for-qu...
Facebook - https://www.facebook.com/QuantumIQC
Twitter - https://twitter.com/QuantumIQC
Abstract: In PQCrypto 2013, Yasuda, Takagi and Sakurai proposed a new signature scheme as one of multivariate public key cryptosystems (MPKCs). This scheme (called YTS) is based on the fact that there are two isometry classes of non-degenerate quadratic forms on a vector space with a prescribed dimension. The advantage of YTS is its efficiency . In fact, its signature generation is eight or nine times faster than Rainbow of similar size. For the security, it is known that the direct attack, the IP attack and the min-rank attack are applicable on YTS, and the running times are exponential time for the first and the second attacks and subexponential time for the third attack. In the present paper, we give a new attack on YTS using an approach similar to the diagonalization of a matrix. Our attack works in polynomial time and it actually recovers equivalent secret keys of YTS having 140-bits security against min-rank attack in several minutes.
PQCrypto
2014 Book: http://www.springer.com/computer/security+and+cryptology/book/978-3-319-11658-7
Workshop: https://pqcrypto2014.uwaterloo.ca/
Find out more about IQC!
Website - https://uwaterloo.ca/institute-for-qu...
Facebook - https://www.facebook.com/QuantumIQC
Twitter - https://twitter.com/QuantumIQC
Tags and Topics
Browse our collection to discover more content in these categories.
Video Information
Views
390
Duration
26:31
Published
Oct 23, 2014
Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.
Trending Now